Hackers intercept NZ taxidermy company’s invoices, trick clients

_________________________________________________________________________
GET THE FREE NATIONAL CYBER SECURITY APP FOR YOUR PHONE AND TABLET

A South Canterbury business has been hit by hackers who intercepted its invoices and prompted clients to deposit money into foreign bank accounts.

Kerry O’Rourke, a part-owner in Pleasant Point’s O’Rourke Brothers Taxidermy, said far only one of O’Rourke’s clients has been sucked into the scam, losing “probably about €2000 ($3583) into an account”.

“We first realised something was amiss with our emails when we got rung up by an English client who we were sending some mounts to. He had paid his money into an English Building Society account supposedly that we’d sent him, which we hadn’t sent him.

“It probably wouldn’t be legal to do what I want to do to them. It’s a thing you can’t do anything about until its happened.”

O’Rourke said his reaction was to immediately alert the rest of his overseas clients.

“We got in contact with all our other foreign clients who we had invoices out to by email. Some of them have been approached (by the hackers). Our emails have been intercepted and reconstructed giving them Russian bank accounts.

“So it’s a network that’s fairly global thievery,” O’Rourke said.

O’Rourke said he was still to hear from some offshore clients who have been sent invoices. Despite only one customer being defrauded so far, he believed the damage could have been far worse.

“There’s one other we haven’t heard from yet who possibly could’ve paid their money into a foreign account. In the meantime they were blocking our emails from getting to the client and blocking their emails from getting to us.

“So we weren’t hearing back while they were altering the invoices on our letterhead and signing our secretary’s name.

“We feel some obligation to him (the foreign client) because it was our computer that was hacked and so it is going to cost us money. Even though it’s not our fault at all of course, I mean some robber’s got into our computer,” O’Rourke said.

O’Rourke, who consulted two computer specialists before the scam was identified, believed it was impossible to retrieve the money.

“They transfer it into an account they open specially, in G.D. O’Rourke & Sons’ name by the way, and anyone can do that. As soon as it gets paid of course they clear it and shoot it off somewhere else, or get it out in cash, or whatever. So it’s gone,” he said.

O’Rourke had been told the hackers had to embed something in his computer to pull the scam off, “and how they do that’s still a mystery to us”.

“We had the computers at two different experts who have had a go at it and initially couldn’t find any problem. My other daughter, Vanessa, looked up on Youtube how to get into your computer to find out if there’s a hacker and remove them. She did that yesterday and removed something she thinks was supposedly the hacker.

“But Spark have also been looking into it and they’ve found something embedded in our email system. We don’t know how they do it, there’s criminals sitting all around the world working these things out – how to cheat people.

“It’s not a great loss to us yet and it could’ve been a lot worse,” he said.

The matter has been reported to police.

Senior Sergeant Mark Offen said there was little Timaru police could do, but suggested victims of scams contact the Department of Internal Affairs.

“We can only investigate crimes within our borders. If it smells fishy it probably is.”